Data loss protection has become a critical job component for IT security executives. The recent leak of U.S. security information from NSA contractor Edward Snowden only drives that point home.
A recent study from Symantec highlighted that thousands of data records get compromised every year. In the United States alone, there were 28,765 data records that were breached. For companies, those security breaches add up, costing companies nearly $190 per breached record.
Every company has sensitive information on its servers, files and laptops. The most important part of managing that information is to manage the people who have access to it. In sharing top-level items within the company, IT security teams need to understand the risk of certain users who have access to that information. A good security system should create a trail of who accessed the information at a particular point.
Bring Your Own Security?
The increase in the number of employees who use their own devices for work has unnerved IT managers. GigaOm notes that some workers can access company data files using their personal laptops, smartphones and consumer cloud tools like Dropbox. In some cases, stealing sensitive information is as easy as popping a USB thumb drive into a company laptop and access the servers with a variety of password codes.
Data loss protection plans and services can offer companies a modicum of security, but many of these services still exists on company premises. More companies are taking to cloud security services to have the best online backup for company files.
Ways to Protect Your Data
Be alert for disgruntled employees — IT security managers should be alert to disgruntled employees. Watch for patterns of downloading activity from company servers from these individuals. Often, companies will notice that some employees tend to download confidential information from company servers prior to leaving a firm. It's important to keep close tabs on employees who might have an ax to grind, or ones who are deeply involved with company data.
Develop security loss prevention techniques — If your company doesn't have monitoring tools to check on employee downloading activity, invest in a third-party resource. Many services have tools to identify activities at certain IP addresses, and can note various activity patterns. Finding the best data loss prevention fit for your company size and security needs will offer more protection against data loss.
Invest in backup storage plans — Using cloud security can also offer another level of protection against missing data due to employee malfeasance. Bolster your on-premise servers with additional cloud storage tools. Having a back up plan for data protection is always a good idea.